Home Page

Copy Aegis Authenticator to a new Android;

November 12, 2021. I use the free Aegis Authenticator on Android to generate one-time codes for two-step login to websites. Unlike Google authenticator, it lets you set an encryption password that's independent of the Android's unlock password. Thus, an unlocked phone is not sufficient to spill the beans.

But my cell company is killing my Nokia 2.2, which was released in June 2019. Gee, it's not even 3 years old yet. So I chose another Android. When I activated, I only had the choice of restoring all of my old apps and data. I didn't want to do that. I wanted a clean slate and clear delineation between the crapware on the new phone and the apps on the old.

That left me with the question of how to get my Aegis app and data moved to the new phone without having to suffer a through two-step setup process per site again. One method is to install Aegis on the new phone, open it on the old phone, and one by one have it generate QR codes for the new Aegis to read in. But that's cumbersome.

There is a better way. Here it is:

  1. Make sure that the old Aegis has a truly strong passphrase. You're going to transfer its database through Google Drive. That database contains the keys to your Kingdom. It could leak, subjecting it to offline attack. If the encryption method doesn't deter computer guessing, a botnet can break four random words in an hour, so five random words is a bare minimum. Pick them with Diceware (theworld.com/~reinhold/diceware.html). You can use the settings menu to change the password.
  2. Unlock the old vault.
  3. Use the 3-dot menu to pick settings, export, aegis JSON format, encrypted, share, Google Drive.
  4. Close.
  5. On the new phone, pick the Google Play store and install Aegis.
  6. You might as well set it up with the same password.
  7. Use the 3-dot menu to pick settings, import, import from file, aegis, Drive, My Drive (folder): and pick the file 'aegis-export....' You'll need to enter the password of the old Aegis vault. Then pick the item at the bottom of the screen to complete the import.
  8. Now consider visiting Google Drive, deleting the 'Aegis-export' file, and emptying the trash. A file that isn't in the cloud anymore is less likely to fall into the wrong hands.

You can't be too paranoid.


📧 Send Comment Walt.Gregg.Juneau.AK.US/contact
🏡 Home Page Walt.Gregg.Juneau.AK.US
  Global Statistics   gs.statcounter.com